Amendments to the Claims 
1-22 (canceled) 

23. (currently amended) The method of claim 22 26, further comprising 
said host device routing said data to said firewall device to be processed by said 
hardware implemented firewall, said routing taking place at a physical layer in 
said data stack. 

24. (currently amended) The method of claim 22 26, further comprising: e) 
f) sending policies to said firewall device, wherein the operation of said hardware 
implemented firewall is modified. 

25. (canceled) 

26. (currently amended) Tho method of cla i m 25. A method of providing 
security in a network having a network interface device that makes a network 
connection without a firewall capability in said communication interface device 
that is reguired by the network for data transfer between the network and a host 
device using the network interface device, said method comprising: 

a) allowing a connection to said network to be established when said host 
device uses said network interface device without the reguired firewall capability 
only if a firewall device comprising a hardware implemented firewall is coupled to 
said host device: 

b) receiving data from said network over said connection establish via said 
communication interface device: 

c) processing said data with said hardware implemented firewall: and 

d) transferring said data to said host device, wherein said data is 
processed by said hardware implemented firewall ; and 

e) performing a configuration integrity check of a software component on a 
host device, wherein said configuration integrity check is performed before said 
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network connection is allowed [[in a)]] , wherein said connection is allowed only if 
said configuration integrity check passes; 

27. (currently amended) The method of claim 2§ 26, wherein e) comprises 
performing said configuration integrity check by performing a hash on said 
software component to produce a hash value and comparing said hash value 
with a stored hash value. 

28. (original) The method of claim 27, wherein said stored hash value 
resides on said firewall device. 

29. (original) The method of claim 27, further comprising: 

f) sending an alert if said configuration integrity check fails. 

30. (original) The method of claim 29, further comprising: 

g) storing an alert if said configuration integrity check fails. 

31. (currently amended) The method of claim 22 26, further comprising: 

e) f} swapping resource spaces in said host device that are reserved for 
said communication interface device and said firewall device, wherein said host 
device treats said communication interface device as said firewall device and 
vice versa; and 

f) g) said communication interface device transferring data received from 
said network in b) to said firewall device, wherein said firewall device processes 
said data with said hardware implemented firewall. 

32. (currently amended) The method of claim 22 26, further comprising: 
e) f) transferring data to be transferred over said network by said 

communication interface device to said firewall device; and 



3COM-3828.MCD.US.P 
Examiner: Moorthy, A. 



-3- 



Serial No.: 10/090,543 
Art Unit: 2131 



f) g) processing said data with said hardware implemented firewall, 
wherein said data is processed by said hardware implemented firewall before it is 
transferred over said network connection established via said communication 
interface device. 

33. (currently amended) The method of claim 32, wherein said e) f) 
comprises said host device routing said data to said firewall device before it is 
sent to said communication interface device, said routing taking place at a 
physical layer in said data stack. 

34. (currently amended) The method of claim 22 26, further comprising: 

e) f) performing a configuration integrity check of a software component on 
said host device; and 

f) g] sending policies to said firewall device, wherein the operation of said 
hardware implemented firewall is modified. 

35. (original) The method of claim 34, further comprising: 

g) sending an alert if said configuration integrity check fails. 

36-39 (canceled) 

40. (new) A method of providing security in a network having a network 
interface device that makes a network connection without a firewall capability in 
said communication interface device that is required by the network for data 
transfer between the network and a host device using the network interface 
device, said method comprising: 

allowing a connection to said network to be established when said host 
device uses said network interface device without the required firewall capability 
only if a firewall device comprising a hardware implemented firewall is coupled to 
said host device; 
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receiving data from said network over said connection establish via said 
communication interface device; 

processing said data with said hardware implemented firewall; 

transferring said data to said host device, wherein said data is processed 
by said hardware implemented firewall; and 

performing a configuration integrity check of a software component on 
said host device by performing a hash on said software component to produce a 
hash value and comparing said hash value with a stored hash value. 

41. (new) The method of claim 40, further comprising said host device 
routing said data to said firewall device to be processed by said hardware 
implemented firewall, said routing taking place at a physical layer in said data 
stack. 

42. (new) The method of claim 40, further comprising: 

sending policies to said firewall device, wherein the operation of said 
hardware implemented firewall is modified. 

43. (new) The method of claim 40, wherein said configuration integrity 
check is performed before said network connection is allowed and wherein said 
connection is allowed only if said configuration integrity check passes. 

44. (new) The method of claim 40, wherein said stored hash value resides 
on said firewall device. 

45. (new) The method of claim 40, further comprising: 
sending an alert if said configuration integrity check fails. 

46. (new) The method of claim 45, further comprising: 
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storing an alert if said configuration integrity check fails. 

47. (new) The method of claim 40, further comprising: 

swapping resource spaces in said host device that are reserved for said 
communication interface device and said firewall device, wherein said host 
device treats said communication interface device as said firewall device and 
vice versa; and 

said communication interface device transferring data received from said 
network to said firewall device, wherein said firewall device processes said data 
with said hardware implemented firewall. 

48. (new) The method of claim 40, further comprising: 
transferring data to be transferred over said network by said 

communication interface device to said firewall device; and 

g) processing said data with said hardware implemented firewall, wherein 
said data is processed by said hardware implemented firewall before it is 
transferred over said network connection established via said communication 
interface device. 

49. (new) The method of claim 48, wherein said transferring data to be 
transferred over said network by said communication interface device to said 
firewall device comprises: 

routing said data from said host device to said firewall device before it is 
sent to said communication interface device, said routing taking place at a 
physical layer in said data stack. 

50. (new) The method of claim 48, further comprising: 

performing a configuration integrity check of a software component on 
said host device; and 

sending policies to said firewall device, wherein the operation of said 
hardware implemented firewall is modified. 
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51 . (new) The method of claim 50, further comprising: 
sending an alert if said configuration integrity check fails. 

52. (new) A method of providing security in a network having a network 
interface device that makes a network connection without a firewall capability in 
said communication interface device that is required by the network for data 
transfer between the network and a host device using the network interface 
device, said method comprising: 

allowing a connection to said network to be established when said host 
device uses said network interface device without the required firewall capability 
only if a firewall device comprising a hardware implemented firewall is coupled to 
said host device; 

receiving data from said network over said connection establish via said 
communication interface device; 

processing said data with said hardware implemented firewall; 

transferring said data to said host device, wherein said data is processed 
by said hardware implemented firewall; 

performing a configuration integrity check of a software component on 
said host device; 

sending policies to said firewall device, wherein the operation of said 
hardware implemented firewall is modified; and 

sending an alert if said configuration integrity check fails. 

53. (new) The method of claim 52, further comprising said host device 
routing said data to said firewall device to be processed by said hardware 
implemented firewall, said routing taking place at a physical layer in said data 
stack. 

54. (new) The method of claim 52, further comprising: 
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sending policies to said firewall device, wherein the operation of said 
hardware implemented firewall is modified. 

55. (new) The method of claim 52, further comprising; 

performing a configuration integrity check of a software component on 
said host device. 

56. (new) The method of claim 55, wherein said configuration integrity 
check is performed before said network connection is allowed and wherein said 
connection is allowed only if said configuration integrity check passes. 

57. (new) The method of claim 55, further comprising: 

performing said configuration integrity check by performing a hash on said 
software component to produce a hash value and comparing said hash value 
with a stored hash value. 

58. (new) The method of claim 57, wherein said stored hash value resides 
on said firewall device. 

59. (new) The method of claim 57, further comprising: 
sending an alert if said configuration integrity check fails. 

60. (new) The method of claim 59, further comprising: 
storing an alert if said configuration integrity check fails. 

61 . (new) The method of claim 52, further comprising: 

swapping resource spaces in said host device that are reserved for said 
communication interface device and said firewall device, wherein said host 
device treats said communication interface device as said firewall device and 
vice versa; and 
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said communication interface device transferring data received from said 
network to said firewall device, wherein said firewall device processes said data 
with said hardware implemented firewall. 

62. (new) The method of claim 52, further comprising: 
transferring data to be transferred over said network by said 

communication interface device to said firewall device; and 

processing said data with said hardware implemented firewall, wherein 
said data is processed by said hardware implemented firewall before it is 
transferred over said network connection established via said communication 
interface device. 

63. (new) The method of claim 62, wherein said transferring data to be 
transferred over said network by said communication interface device to said 
firewall device comprises: 

routing said data from said host device to said firewall device before it is 
sent to said communication interface device, said routing taking place at a 
physical layer in said data stack. 
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